[Pkg-libvirt-maintainers] Pushing Ubuntu's AppArmor-related delta into the Debian libvirt package?
Felix Geyer
fgeyer at debian.org
Tue Sep 30 09:06:56 UTC 2014
On 30.09.2014 09:51, Stefan Bader wrote:
> @@ -33,6 +36,12 @@
> network inet6 stream,
> network inet6 dgram,
> network packet dgram,
> + network netlink,
> +
> + dbus bus=system,
> + signal,
> + ptrace,
> + unix,
>
> # Very lenient profile for libvirtd since we want to first focus on confining
> # the guests. Guests will have a very restricted profile.
Upstreaming these rules seems problematic to me.
Afaik the AppArmor 2.8 parser will throw an error when reading those.
Is there a way to make profiles backwards compatible with regard to added confinement features?
Cheers,
Felix
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-libvirt-maintainers/attachments/20140930/3c8962b1/attachment.sig>
More information about the Pkg-libvirt-maintainers
mailing list